Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bootstrapping is expensive #5

Open
cpuguy83 opened this issue Sep 22, 2022 · 1 comment
Open

Bootstrapping is expensive #5

cpuguy83 opened this issue Sep 22, 2022 · 1 comment

Comments

@cpuguy83
Copy link
Owner

Today the shim currently uses a bootstrap/control process when starting a container.
This is needed for multiple reasons (managing stdio pipes, differentiating runc exit vs container exit).

Currently this control process is using an extra subcommand on the main shim binary, which means each container is firing up it's own iteration of the shim (with the go runtime, all deps, etc) and consuming tons of resources.

Ideally we wouldn't need this extra control process, and it may be possible to eliminate it for some things but today it cannot (as far as I can tell execs absolutely need it until there is split like exec-create and exec-start). The overhead of this control process needs to be minimal.

This could be a separate binary or a C implementation hooked up before the go runtime starts (like the pty handler currently does). No matter the solution, the current footprint is far too big since every container and every exec needs this control process.

@cpuguy83
Copy link
Owner Author

I moved the full tty handshake into C, so at least this is greatly reduced.
Still have to deal with the container bootstrapper.

Testing shows the bootstrap process uses ~12MB of RAM before doing anything.
Because we need to read the mounts config (requires a json parser), moving this into C is not as simple as I'd like it to be and will likely add some bloat the the tty copier.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant